Configuring ipv6 communication in solaris 10, Registering the primary svp host name, Setting up ssl encryption – HP XP7 Storage User Manual
Page 14
3.
In the Networking dialog box, clear the Internet Protocol Version 4 (TCP/IPv4) check box.
4.
Click OK to save he changes and close the dialog box.
Configuring IPv6 communication in Solaris 10
To configure a Remote Web Console computer to use IPv6 for communication with an SVP:
1.
Start a command window / system console.
2.
Execute the following command:
ipconfig network-interface-name inet down
Registering the Primary SVP Host Name
You must register the primary SVP host name before completing any of the following tasks.
•
Specify a host name instead of an IP address when accessing Remote Web Console.
•
Acquire the public key certificate for SSL-encrypted communication from the CA (Certificate
Authority). Note that you must register the server name as the host name to the DNS server
or the hosts file. The server name is entered in the certificate as a common name.
Enter the SVP host name and IP address in the DNS server or the hosts file of the Remote Web
Console PC. You can register any host name to the DNS server or the hosts file, but there are
restrictions on the letters you can use for the host name.
•
DNS setting: You need to register the IP address and host name of the SVP to the DNS server
that manages the network to which the SVP is connected.
•
Hosts file setting: You need to enter the IP address and host name of the SVP to the hosts file
of the Remote Web Console PC. The general directory of the hosts file is:
Windows 7: C:\Windows\System32\drivers\etc\hosts
UNIX: /etc/hosts
Setting up SSL encryption
To improve security of remote operations from a Remote Web Console SVP to a storage system,
you can set up Secure Sockets Layer (SSL) encrypted communication. By setting SSL encryption,
the Remote Web Console User ID and Password are encrypted.
Note the following SSL terms:
•
Secure Sockets Layer: SSL is a protocol first developed by Netscape to securely transmit data
over the Internet. Two SSL-enabled peers use their private and public keys to establish a secure
communication session, with each peer encrypting transmitted data with a randomly generated
and agreed-upon symmetric key.
•
Keypair: A keypair is two mathematically-related cryptographic keys consisting of a private
key and its associated public key.
•
Server Certificate: A Server Certificate (also called a Digital Certificate) forms an association
between an identity (in this case the SVP server) and a specific keypair. A Server Certificate
is used to identify the SVP server to a client so that the server and client can communicate
using SSL. Server Certificates come in two basic types:
•
Self-signed: You generate your owned self-signed certificate and the subject of the certificate
is the same as the issuer of the certificate. If the Remote Web Console computers and the SVP
are on an internal LAN behind a firewall, you may find that this option provides sufficient
security.
•
Signed and Trusted: For a Signed and Trusted Server Certificate, a Certificate Signing Request
(CSR) is sent to and certified by a trusted Certificate Authority (CA) such as VeriSign (
. Use of this certificate results in higher reliability in exchange for more
cost and requirements.
14
Setting up Remote Web Console